Best Practices for Information Security

Information Security is essential to prevent those with malicious intent from accessing data. Practices may include: Changing your online account passwords, avoiding unsolicited emails, locking or logging off your PC as you walk away, all of these things help prevent data loss from anyone who might wish to compromise accounts.

INSTRUCTIONS

Do not store any personally identifiable information on your computer

Do not store any personally identifiable information (such as Social Security Number, date of birth, Driver's License Number, credit card information and home addresses) on your computer or removable media (such as disks, tapes, USB drives)

Create Complex Passwords

at least 8 characters

at least one letter

at least one digit

at least one special character, such as !, #, $, %, ^, etc. Do not use @, /, <, or ?

cannot contain all or part of your username or be one of your previous five passwords

Delete or Archive Unnecessary Information

Old computers should have data completely erased before being discarded.

Password protect computers and use password protected screen savers

All computers should have login passwords

Lock your computer when you leave your office (on a PC, press Ctrl+Alt+Delete and select “Lock Computer” on a Mac)

Activate your screensaver and require a password be entered before the screen unlocks

Set your computer to automatically lock after 15 minutes of Inactivity

Set automatic updates for your computer

Your computer should be set with Windows/Mac OS automatic updates option enabled

Operating system firewalls should be enabled

Anti-virus and anti-spyware software

Anti-virus and anti-spyware software on your computer should be configured to update definitions at least once a day

Computers should be scanned daily for new viruses/spyware missed by active protection

Viruses/spyware are commonly distributed by websites, screen savers, game software, and other “free” programs

Review our information regarding spyware and viruses or anti-virus software for more information.

Do not click links in unsolicited e-mails

Links in unsolicited emails can appear safe but can actually link to websites with malicious content. If you don't recognize the sender or are not expecting the email the best action is to not click on any links at all. If you must click on a link:

Type the URL address in the browser

Follow a link from a trusted web page

Use a previous bookmark

Tips for securing laptops & other mobile devices

Store all passwords, account names, access codes, login instructions, and authentication tools separately from laptops (not in the pockets of the carrying case)

Lock up laptops when not attended (cable lock during the day, in a locked drawer or cabinet when you leave for the day)

Keep laptops out of sight when temporarily stored in a car, hotel room, or home

When traveling always keep laptop in your possession

Record make/model & serial number of your device

If a device is stolen or missing contact the IT Service Desk immediately